👩‍💻Check out the brand new API guide

Secure password collaboration

Passbolt is an open source credential platform for modern teams. A versatile, battle-tested solution to manage and collaborate on passwords, accesses, and secrets. All in one.

Preview of Passbolt interface

35,000+ organisations worldwide are using passbolt, including governments, defence agencies, IT companies, and many more.

Logo of BoschLogo of GLSLogo of HumboldtLogo of TU GrazLogo of ZIT-RLPLogo of HRWLogo of ISLogo of CTIE

Your team can’t stop sharing credentials. Passbolt empowers them to do it securely!

Untangle the chaos of insecure password sharing. Break silos and reclaim productivity, control, and traceability in credentials collaboration.

Illustration of password sharing

What makes Passbolt unique?

A mission-critical solution built for modern engineering teams, yet versatile and easy for anyone to use. Passbolt delivers unmatched collaboration, security, and control in credential management.

Collaborative

Passbolt enables teams of all sizes to granularly share all types of credentials so that they can confidently scale operations.
Example of collaboration in Passbolt

Secure by design

Passbolt is fully end-to-end encrypted and ensures password sharing security thanks to its unique public-private key architecture.
Security diagram of Password Management

100% Open Source

Passbolt is open source all the way, even the paid version. No bullshit.

apt-get install passbolt

Align your organisation's productivity and security goals

Passbolt is an all-in-one platform that can be adapted to all of your credential lifecycles and workflows, with secure centralisation, powerful organisation, fine-grained collaboration and extensive auditing and reporting capabilities. All this, in the hosting environment of your choice.

Illustration for visibility & control

Modelled for your workflows

A credential manager that adapts to your team processes. Not the other way around.

Flexible taxonomy

Organize passwords in personal or shared folders. Add tags, comments and descriptions. Retrieve what you need in a click.
Example of folders, tags in a tree view

Instant sharing

Share one or several credentials instantly with granular permissions. Get notified of updates in real time.
Email inbox showing Passbolt notification

Use from anywhere

Passbolt ships with native mobile and desktop apps for optimal ease of use.
Mobile screen of Passbolt TOPT feature

API integration

Passbolt is API centric and can be used through CLI or SDKs.
Passbolt API GET example

Beyond Passwords

Elevate your security posture with private keys

Your organisation's security is as strong as your user’s weakest password. It’s time to move away from passwords with randomly generated private keys.

Randomly generated private key

Private keys provide an extra layer of security, allowing only key holders with the passphrase to access and decrypt data, while also ensuring a cryptographically-backed audit trail.

End-to-end encryption

Enhances security by ensuring that the private key, generated and stored on the user's device, never passes through the server, maintaining data integrity and confidentiality.

Multifactor by default

Provides a default two-factor authentication by design, requiring both a private key and a passphrase. Plus, it also supports additional MFA layers for even more robust authentication.

Brute force protection

Protects against brute force attacks by encrypting each password with a user’s auto-generated, unguessable private key - unlike legacy password managers that rely solely on the user's master password.

Phishing resistant

On top of a private key and passphrase, Passbolt uses a 3-letter token and color combination, as well as URL matching, to protect against phishing.

1:1 encryption

Passbolt encrypts each password individually for granular, containerised data privacy, ensuring that the compromise of one password does not affect others.

Interoperable

Passbolt is built on top of a JSON API and uses interoperable cryptography (OpenPGP). All operations can be run from any server using our CLI or SDKs.

Admin controlled recovery mechanisms

Passbolt offers an account recovery feature, allowing users to regain access with admin approval, and provides organisation-wide policies for account recovery preferences.

Run it on your own server, natively

Stay in control of your data, deploy passbolt within minutes, on-prem or on infrastructure you already trust.

curl -LO "https://download.passbolt.com/ce/docker/docker-compose-ce.yaml"

curl -LO "https://github.com/passbolt/passbolt_docker/releases/latest/download/docker-compose-ce-SHA512SUM.txt"

sha512sum -c docker-compose-ce-SHA512SUM.txt && echo "Checksum OK" || (echo "Bad checksum. Aborting" && rm -f docker-compose-ce.yaml)

docker-compose -f docker-compose-ce.yaml up -d

helm repo add passbolt "https://download.passbolt.com/charts/passbolt"

helm install mypassbolt passbolt/passbolt

curl -LO "https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh"

curl -LO "https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt"

sha512sum -c passbolt-ce-SHA512SUM.txt && sudo bash ./passbolt-repo-setup.ce.sh || echo "Bad checksum. Aborting" && rm -f passbolt-repo-setup.ce.sh

sudo apt install passbolt-ce-server

curl -LO "https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh"

curl -LO "https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt"

sha512sum -c passbolt-ce-SHA512SUM.txt && sudo bash ./passbolt-repo-setup.ce.sh || echo "Bad checksum. Aborting" && rm -f passbolt-repo-setup.ce.sh

sudo apt install passbolt-ce-server

curl -LO "https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh"

curl -LO "https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt"

sha512sum -c passbolt-ce-SHA512SUM.txt && sudo bash ./passbolt-repo-setup.ce.sh || echo "Bad checksum. Aborting" && rm -f passbolt-repo-setup.ce.sh

sudo dnf install passbolt-ce-server

sudo /usr/local/bin/passbolt-configure

curl -LO "https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh"

curl -LO "https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt"

sha512sum -c passbolt-ce-SHA512SUM.txt && sudo bash ./passbolt-repo-setup.ce.sh || echo "Bad checksum. Aborting" && rm -f passbolt-repo-setup.ce.sh

sudo zypper install passbolt-ce-server

sudo /usr/local/bin/passbolt-configure

Insights from the blog

The road to Passbolt v5 – Encrypted metadata and other core security changes

The road to Passbolt v5 – Encrypted metadata and other core security changes

Passbolt v5 introduces encrypted metadata, redefining how information is managed and shared. Secure resource names, tags, and URIs with flexible encryption options. Dive into the blog to explore the architecture, migration timeline and what this means for your organization.

Automating Passbolt Maintenance

Automating Passbolt Maintenance

Automate Passbolt server maintenance with a custom bash script. Manage disk space effectively, improve performance, and schedule tasks for reliable upkeep.

Simplifying Passbolt Installation with Ansible

Simplifying Passbolt Installation with Ansible

Automate Passbolt installation with Ansible for a consistent, secure, and efficient server setup.

Flag of European UnionMade in Europe. Privacy by default.